# $Id: PKGBUILD 89278 2010-08-30 21:38:00Z thomas $
# Maintainer: Aaron Griffin <aaron@archlinux.org>
# Contributor: judd <jvinet@zeroflux.org>

pkgname=openssh
pkgver=5.6p1
pkgrel=1
pkgdesc='A Secure SHell server/client'
arch=('i686' 'x86_64')
license=('custom')
url="http://www.openssh.org/portable.html"
backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd')
depends=('openssl' 'zlib' 'pam' 'tcp_wrappers' 'heimdal')
source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"
        'sshd' 'sshd.confd' 'sshd.pam')
md5sums=('e6ee52e47c768bf0ec42a232b5d18fb0'
         '17b1b1bf0f578a55945ee204bd4462af'
         'e2cea70ac13af7e63d40eb04415eacd5'
         '1c7c2ea8734ec7e3ca58d820634dc73a')

build() {
  cd ${srcdir}/${pkgname}-${pkgver}

  #NOTE we disable-strip so that makepkg can decide whether to strip or not
  ./configure --prefix=/usr --libexecdir=/usr/lib/ssh \
    --sysconfdir=/etc/ssh --with-tcp-wrappers --with-privsep-user=nobody \
    --with-md5-passwords --with-pam --with-mantype=man --mandir=/usr/share/man \
    --with-xauth=/usr/bin/xauth --with-kerberos5=/usr --with-ssl-engine \
    --disable-strip
  make || return 1
}

package() {
  cd ${srcdir}/${pkgname}-${pkgver}
  make DESTDIR=${pkgdir} install

  install -Dm755 ${srcdir}/sshd ${pkgdir}/etc/rc.d/sshd

  install -Dm644 LICENCE ${pkgdir}/usr/share/licenses/${pkgname}/LICENCE
  install -Dm644 ${srcdir}/sshd.pam ${pkgdir}/etc/pam.d/sshd
  install -Dm644 ${srcdir}/sshd.confd ${pkgdir}/etc/conf.d/sshd

  rm ${pkgdir}/usr/share/man/man1/slogin.1
  ln -sf ssh.1.gz ${pkgdir}/usr/share/man/man1/slogin.1.gz

  #additional contrib scripts that we like
  install -Dm755 contrib/findssl.sh ${pkgdir}/usr/bin/findssl.sh
  install -Dm755 contrib/ssh-copy-id ${pkgdir}/usr/bin/ssh-copy-id
  install -Dm644 contrib/ssh-copy-id.1  ${pkgdir}/usr/share/man/man1/ssh-copy-id.1

  # sshd_config
  sed -i \
    -e 's|^#ListenAddress 0.0.0.0|ListenAddress 0.0.0.0|g' \
    -e 's|^#UsePAM no|UsePAM yes|g' \
    -e 's|^#ChallengeResponseAuthentication yes|ChallengeResponseAuthentication no|g' \
    ${pkgdir}/etc/ssh/sshd_config
  echo "HashKnownHosts yes" >>  ${pkgdir}/etc/ssh/ssh_config
  echo "StrictHostKeyChecking ask" >>  ${pkgdir}/etc/ssh/ssh_config

  #ssh_config
  sed -i \
    -e 's|^# Host \*|Host *|g' \
    ${pkgdir}/etc/ssh/ssh_config
}